TCP: 20500, 20501, 20502, 19003, 1935
|
Open only between servers in a Unity Connection cluster
|
CuCsMgr/Unity Connection Conversation Manager
|
cucsmgr
|
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP:
21000–21512
|
Open
|
CuCsMgr/Unity Connection Conversation Manager
|
cucsmgr
|
IP phones must be able to connect to this range of ports on the
Unity Connection server for some phone client applications.
|
TCP:
5000
|
Open
|
CuCsMgr/Unity Connection Conversation Manager
|
cucsmgr
|
Opened for port-status monitoring read-only connections.
Monitoring must be configured in Connection Administration before any data can
be seen on this port (Monitoring is off by default).
Administration workstations connect to this port.
|
TCP and UDP ports allocated by administrator for SIP traffic.
TCP ports 5001, 5002, 5003 and 5004 are open.
Possible ports are
5060–5199
|
Open
|
CuCsMgr/Unity Connection Conversation Manager
|
cucsmgr
|
Unity Connection SIP Control Traffic handled by conversation
manager.
SIP devices must be able to connect to these ports.
|
TCP: 20055
|
Open only between servers in a Unity Connection cluster
|
CuLicSvr/Unity Connection License Server
|
culic
|
Restricted to localhost only (no remote connections to this
service are needed).
|
TCP: 1502, 1503 (“ciscounity_tcp” in /etc/services)
|
Open only between servers in a Unity Connection cluster
|
unityoninit/Unity Connection DB
|
root
|
Servers in a Unity Connection cluster must be able to connect to
each other on these database ports.
For external access to the database, use CuDBProxy.
|
TCP:
143, 993, 7993, 8143, 8993
|
Open
|
CuImapSvr/Unity Connection IMAP Server
|
cuimapsvr
|
Client workstations must be able to connect to ports 143 and 993
for IMAP inbox access, and IMAP over SSL inbox access.
|
TCP:
25, 8025
|
Open
|
CuSmtpSvr/Unity Connection SMTP Server
|
cusmtpsvr
|
Servers delivering SMTP to Unity Connection port 25, such as
other servers in a UC Digital Network.
|
TCP: 4904
|
Blocked; internal use only
|
SWIsvcMon (Nuance SpeechWorks Service Monitor)
|
openspeech
|
Restricted to localhost only (no remote connections to this
service are needed).
|
TCP: 4900:4904
|
Blocked; internal use only
|
OSServer/Unity Connection Voice Recognizer
|
openspeech
|
Restricted to localhost only (no remote connections to this
service are needed).
|
UDP:
16384–21511
|
Open
|
CuMixer/Unity Connection Mixer
|
cumixer
|
VoIP devices (phones and gateways) must be able to send traffic
to these UDP ports to deliver inbound audio streams.
|
UDP: 7774–7900
|
Blocked; internal use only
|
CuMixer/
Speech recognition RTP
|
cumixer
|
Restricted to localhost only (no remote connections to this
service are needed).
|
TCP: 22000
UDP: 22000
|
Open only between servers in a Unity Connection cluster
|
CuSrm/
Unity Connection Server Role Manager
|
cusrm
|
Cluster SRM RPC.
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP: 22001
UDP: 22001
|
Open only between servers in a Unity Connection cluster
|
CuSrm/
Unity Connection Server Role Manager
|
cusrm
|
Cluster SRM heartbeat.
Heartbeat event traffic is not encrypted but is MAC secured.
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP:
20532
|
Open
|
CuDbProxy/
Unity Connection Database Proxy
|
cudbproxy
|
If this service is enabled it allows administrative read/write
database connections for off-box clients. For example, some of the
ciscounitytools.com tools use this port.
Administrative workstations would connect to this port.
|
TCP:
22
|
Open
|
Sshd
|
root
|
Firewall must be open for TCP 22 connections for remote CLI
access and serving SFTP in a Unity Connection cluster.
Administrative workstations must be able to connect to a Unity
Connection server on this port.
Servers in a Unity Connection cluster must be able to connect to
each other on this port.
|
UDP:
161
|
Open
|
Snmpd Platform SNMP Service
|
root
|
—
|
UDP:
500
|
Open
|
Raccoon ipsec isakmp (key management) service
|
root
|
Using ipsec is optional, and off by default.
If the service is enabled, servers in a Unity Connection cluster
must be able to connect to each other on this port.
|
TCP:
8500
UDP:
8500
|
Open
|
clm/cluster management service
|
root
|
The cluster manager service is part of the Voice Operating
System.
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
UDP:
123
|
Open
|
Ntpd Network Time Service
|
ntp
|
Network time service is enabled to keep time synchronized
between servers in a Unity Connection cluster.
The publisher server can use either the operating system time on
the publisher server or the time on a separate NTP server for time
synchronization. Subscriber servers always use the publisher server for time
synchronization.
Servers in a Unity Connection cluster must be able to connect to
each other on this port.
|
TCP: 5007
|
Open
|
Tomcat/Cisco Tomcat (SOAP Service)
|
tomcat
|
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP: 1500, 1501
|
Open only between servers in a Unity Connection cluster
|
cmoninit/Cisco DB
|
informix
|
These database instances contain information for LDAP integrated
users, and serviceability data.
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP: 1515
|
Open only between servers in a Unity Connection cluster
|
dblrpm/Cisco DB Replication Service
|
root
|
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP: 8001
|
Open only between servers in a Unity Connection cluster
|
dbmon/Cisco DB Change Notification Port
|
database
|
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP: 2555, 2556
|
Open only between servers in a Unity Connection cluster
|
RisDC/Cisco RIS Data Collector
|
ccmservice
|
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP: 1090, 1099
|
Open only between servers in a Unity Connection cluster
|
Amc/Cisco AMC Service (Alert Manager Collector)
|
ccmservice
|
Performs back-end serviceability data exchanges
1090: AMC RMI Object Port 1099: AMC RMI Registry Port
Servers in a Unity Connection cluster must be able to connect to
each other on these ports.
|
TCP:
80, 443, 8080, 8443
|
Open
|
tomcat/Cisco Tomcat
|
tomcat
|
Both client and administrative workstations need to connect to
these ports.
Servers in a Unity Connection cluster must be able to connect to
each other on these ports for communications that use HTTP-based interactions
like REST.
Note
| These ports support both
the IPv4 and IPv6 addresses. However, the IPv6 address works only when
Connection platform is configured in Dual (IPv4/IPv6) mode. Cisco Unity
Connection Survivable Remote Site Voicemail SRSV supports these ports for IP
communication.
|
|
TCP: 8081, 8444
|
Open only between servers in HTTPS Networking
|
tomcat/Cisco Tomcat
|
tomcat
|
Servers in HTTPS Networking must be able to connect to each
other on these ports for communications. Unity Connection HTTPS Directory
Feeder service uses these ports for directory synchronization.
Note
| Unity Connection HTTPS
Directory Feeder service supports only IPv4 mode.
|
|
TCP: 5001, 8005
|
Blocked; internal use only
|
tomcat/Cisco Tomcat
|
tomcat
|
Internal tomcat service control and axis ports.
|
TCP:
32768–61000
UDP:
32768–61000
|
Open
|
—
|
—
|
Ephemeral port ranges, used by anything with a dynamically
allocated client port.
|
TCP: 7443
|
Open
|
jetty/Unity Connection Jetty
|
jetty
|
Exchange 2010 and above, single inbox: Jabber and Web Inbox notifications
Note
| You
can open the port using CLI command.
|
|
TCP: 7080
|
Open
|
jetty/Unity Connection Jetty
|
jetty
|
Exchange 2010 only, single inbox only: EWS notifications of
changes to Unity Connection voice messages.
|
UDP: 9291
|
Open
|
CuMbxSync/ Unity Connection Mailbox Sync Service
|
cumbxsync
|
Single inbox only: WebDAV notifications of changes to Unity
Connection voice messages.
|
TCP: 6080
|
Open
|
CuCsMgr/Unity Connection Conversation Manager
|
cucsmgr
|
Video server must be able to connect to Unity Connection on this
port for communications.
|